Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

Sun Identity Server Supports Liberty Spec

WEBINAR:On-Demand

Sun Microsystems Inc. last week unveiled its first new identity management product based on the Liberty Alliance specification it helped create.

Sun ONE (Open Net Environment) Identity Server 6.0 is not a breakthrough product, but customers, competitors and other Liberty Alliance members will be watching its progress closely. Identity Server is the first major product from an alliance member to hit the market with support for the Liberty specification. As such, it carries much of the hopes and expectations of the group with it.

The key enhancement in the software is its support for federated services. This lets organizations share their employees and customers authentication credentials with affiliated Web sites, eliminating the need for individuals to log on to each site separately.

This functionality is provided by the Liberty Alliance 1.0 specification, which is built on the SAML (Security Assertion Markup Language) 1.0 specification. Sun and the Liberty Alliances other members are counting on demand for this kind of federation to, in turn, drive demand for Liberty-enabled products.

Further reading

However, some Liberty members say their customers have yet to ask for this functionality in any meaningful quantity. And analysts say its still too early to tell whether theres any real market for such services.

"Were still in the proof-of-concept stage with this, especially with companies that arent yet ready to automate their relationships with other companies," said Pete Hurwitz, an analyst at Spire Security LLC, in Malvern, Pa. "Its not an overwhelming kind of thank God feature."

The alliance began life as an effort to develop an alternative to Microsoft Corp.s Passport online identity service. However, Sun, of Santa Clara, Calif., has shied away from that characterization in recent months, preferring instead to discuss Libertys efforts as a unique authentication scheme in its own right.

Passport has all but wrapped up the consumer market for such services—more by default than anything else—and Sun and Liberty have begun to concentrate their efforts on the enterprise market.

Identity Server 6.0 includes several other new features, including one-click digital certificate requests and issuance via Sun ONE Certificate Server, digital signing of log files for nonrepudiation purposes and a Java-based management console.

The new version of Identity Server includes Suns new Java Authentication and Authorization Service framework, which is an open, extensible security architecture. The technology builds on the Javax.security package in the servers software development kit, The Java Secure Socket Extension and Java Cryptography Extension. The service can be configured on a per-application, per-user, per-role and per-organization basis and uses resource-based authentication to enable every protected resource and authentication to have a configurable authentication level.

In addition to support for the SAML and Liberty specifications, Version 6.0 includes modules for integrating numerous authentication technologies, including LDAP, Remote Authentication Dial-In User Service, X.509v3 certificates, SafeWord token cards, and Windows NT and 2000 authentication.

By submitting your information, you agree that eweek.com may send you eWEEK offers via email, phone and text message, as well as email offers about other products and services that eWEEK believes may be of interest to you. eWEEK will process your information in accordance with the Quinstreet Privacy Policy.

We ran into a problem

We already have your email address on file. Please use the "Forgot your password?" link to create a password, validate your email and login.